CVE-2022-40685

CWE-522Insufficiently Protected Credentials3 documents3 sources
Severity
6.5MEDIUM
EPSS
0.2%
top 55.34%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Intel Data Center Manager
Timeline
PublishedMay 10

Description

Insufficiently protected credentials in the Intel(R) DCM software before version 5.0.1 may allow an authenticated user to potentially enable information disclosure via network access.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

CVEListV5intel(r)_dcm_softwarebefore version 5.0.1

Patches

Patch: www.intel.comPatch: www.intel.com

🔴Vulnerability Details

2
CVEList
CVE-2022-40685: Insufficiently protected credentials in the Intel(R) DCM software before version 52023-05-10
GHSA
GHSA-6g65-h88g-gcgr: Insufficiently protected credentials in the Intel(R) DCM software before version 52023-05-10
CVE-2022-40685 (MEDIUM CVSS 6.5) | Insufficiently protected credential | cvebase.io